There was a discussion about this on the main rails list a week or two ago...
Basic conclusions that I cam away with were...
Since most of the problematic data would be coming from the database, it
might be easiest to set up activerecord to escape text by default. This
escaping could be turn
I haven't personally suffered the agony of magic quotes, but the problem
seems to have been that it didn't unescape well and that it would break
methods that were not expecting escaped text.
My contention is that those methods were already broken because they
were unsecure and/or couldn't ha
On Wednesday, February 15, 2006, at 2:50 PM, Tom Ward wrote:
>This is a bad idea. It assumes data from ActiveRecord models only
>ever displayed on the web. This ignores email templates, logging, etc
>from within web apps, not to mention applications using ActiveRecord
>outside the web.
The idea
Yeah, I'm fiddling with this now.
Turns out to be a bit tricker than I thought, but should be doable.
_Kevin
On Wednesday, February 15, 2006, at 12:31 PM, David Heinemeier Hansson wrote:
>I think the time has come for less talk and more code. Make a plugin
>that implements this. Use it for a mont
expected problems, or both.
Suggestions for improving the code are welcome.
_Kevin
On Wednesday, February 15, 2006, at 6:40 PM, Kevin Olbrich wrote:
>Yeah, I'm fiddling with this now.
>Turns out to be a bit tricker than I thought, but should be doable.
>
>_Kevin
>
>On Wedne
Rick,
:after_find doesn't exist by default. It only gets called if it is
defined. The way I set this up, it defines an 'after_find' callback in
ActiveRecord::Base, so other plugins or classes would have to alias the
one I defined to get it to work right.
I'm tinkering around with some met
This plugin has been updated a bit. The algorithm is a bit more
efficient and the whole thing is simpler and more robust. The update is
only available through the subversion repository at the moment.
_Kevin
On Sunday, February 19, 2006, at 7:25 PM, Kevin Olbrich wrote:
>I have setu
I'd just like to clarify the load behavior of plugins before I go
opening new tickets.
I developed a couple of plugins that add some functionality to
activerecord, however, when I run unit tests (and the console for that
matter), the plugin does not appear to load. None of the additional
Just curious...
Why isn't there a 'before_find' callback for ActiveRecord?
_Kevin
--
Posted with http://DevLists.com. Sign up and save your mailbox.
___
Rails-core mailing list
Rails-core@lists.rubyonrails.org
http://lists.rubyonrails.org/mailman/list
Well, what I'm thinking of would be more like a class-level before_find.
I'd like to intercept the options going into 'find', and pre-process
them on a model-per-model basis, and then pass that along to 'find'.
The general idea is to give models an ability to restrict which users
can access
Yeah, I know how to do it that way.
I'm just exploring other options.
On Saturday, April 22, 2006, at 7:40 PM, Tobias Lütke wrote:
>def find(*params)
> [..] before find code
> super
>end
>
>On 22 Apr 2006 23:09:07 -, Kevin Olbrich
><[EMAIL PROTECTED]> wrot
Nice, that looks very handy for this purpose.
On Monday, April 24, 2006, at 11:33 AM, Tim Lucas wrote:
>On 23/04/2006, at 3:09 AM, Kevin Olbrich wrote:
>
>> Yeah, I know how to do it that way.
>> I'm just exploring other options.
>
>The other way to accomplish w
On Saturday, July 29, 2006, at 1:29 PM, Daniel N wrote:
>On 7/27/06, Jeremy Kemper <[EMAIL PROTECTED]> wrote:
>>
>> On Jul 26, 2006, at 6:06 AM, Daniel N wrote:
>> > I've had a crack at this one and it is as I feared.
>> >
>> > If I define the restrict association first, then the destroy chain
>>
13 matches
Mail list logo
